What's the most static element of the vibrant money mule recruitment ecosystem? It's the DNS infrastructure that the cybercriminals behind the campaigns repeatedly use to push new scams.
This post aims to expose the name servers involved, the associated ASs, and their affiliations with multiple other cybercrime activities, using the research previously conducted on their recruitment campaigns.
Moreover, its main objective is to emphasize that cybercrime should stop being treated as a country- or region-specific problem; instead, it should be treated as an international problem, with each and every country having its own share of cybercrime activity.
"The whole is greater than the sum of its parts" - Aristotle
DNS Infrastructure of the Money Mule Recruitment Ecosystem (Source: ddanchev.blogspot.com)
With money mule recruitment available as-a-service (Standardizing the Money Mule Recruitment Process), the post will only detail the activities of what's referred to as a "mule recruitment syndicate", in short, one of the most prolific syndicates with direct connections to numerous related cybercrime campaigns profiled over the past 6 months.
What makes an impression is the geographical distribution of the name servers. 11 of them are based in the Netherlands, another 11 are based in China, followed by 11 more based in the United States.
By Dancho Danchev, Independent Security Consultant. Visit the blog maintained by Dancho Danchev here.
Related topics: Cybercrime, DNS, Security